Ransomware warning, critical infrastructure groups

March 6 – The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint warning pertaining to the dangers of Royal Ransomware, which threatens critical infrastructure groups both in the U.S. and abroad.

Royal Ransomware warning

The warning follows an advisory from the U.S. Department of Health and Human Services (HHS), whose security team recently determined that the threat actors behind Royal Ransomware managed to attack several high-profile healthcare organizations in the past few months. In addition to the healthcare sector, the energy sector is of particular interest to the Royal Ransomware group.

Royal Ransomware enterprise

The Royal Ransomware gang is believed to be a state-sponsored hacking group. The group was initially discovered in 2019 and its members are responsible for numerous high-profile attacks on critical infrastructure systems around the world.

The group is known for its use of advanced tactics and techniques, including spear-phishing emails and the exploitation of vulnerabilities in hardware and software.

Royal Ransomware’s effects

In January of 2023, the Royal group executed at least 19 cyber attacks. According to the federal U.S. advisory, ransom demands issued by Royal range from $1 million USD to $11 million USD, although precisely how much the group has extorted from victims remains unknown.

The advisory also explains that Royal operators tend to engage in double extortion tactics, meaning that they threaten to publicly release sensitive data unless a ransom is paid.

Further thoughts

The Royal Ransomware group is a highly skilled hacking group that targets critical infrastructure systems, including those in the energy, transportation, and healthcare sectors.

Their attacks can cause widespread disruption and even endanger lives. Organizations must take steps to strengthen their cyber security measures and to protect their critical infrastructure systems from ransomware-related disruptions.